using dagger to call a module from a private github repository | Dagger | Page 1

glacial hawk Nov 21, 2025, 8:06 AM

#

I've created a dagger module which I've tested locally for remote invocation scenarios. It works fine, however I've run into an unexpected problem while trying to consume it using github actions:

 - name: Hello
   uses: dagger/dagger-for-github@v8.2.0
   with:
     module: git@github.com/{org}/{repository}@refs/tags/v0.0.1
     call: build --source=${{ !inputs.Directory }} --auto-apply
     cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}
     version: "v0.19.6"

The problem manifests itself during workflow execution. I'll be attaching the log in the next post.

It appears that dagger fails to authenticate with github to clone the remote repository (which is a part of my org). What is the recommended approach here?

The module code is:

import {
  dag,
  Changeset,
  Container,
  Directory,
  object,
  func,
  argument
} from "@dagger.io/dagger"

@object()
export class CloudTekDotNet {
  /**
   * Executes the local build the using nuke.build dotnet tool
   * @param source source directory
   * @param base optional base image
   * @param target NUKE target
   * @returns the Changeset containing all changes
   */
  @func()
  async build(
    @argument({ defaultPath: "." }) source: Directory,
    base?: Container,
    target: string = "All",
  ): Promise<Changeset> {

    const container = (base ?? dag.container().from("mcr.microsoft.com/dotnet/sdk:10.0").withWorkdir("/app"))
      .withDirectory(".", source)
    const before = container.directory(".")
    const after = container
      .withExec(["dotnet", "tool", "restore"])
      .withExec(["dotnet", "tool", "run", "nuke", "--target", target])
      .directory(".")
    return after.changes(before)
  }
}

#

Pipeline execution log:

load module: git@github.com/cloud-tek/poc-dagger-dotnet@refs/tags/v0.0.1
11  : ┆ finding module configuration
12  : ┆ ┆ moduleSource(refString: "git@github.com/cloud-tek/poc-dagger-dotnet@refs/tags/v0.0.1"): ModuleSource!
13  : ┆ ┆ ┆ git(url: "git@github.com/cloud-tek/poc-dagger-dotnet"): GitRepository!
14  : ┆ ┆ ┆ ┆ git(url: "https://git@github.com/cloud-tek/poc-dagger-dotnet"): GitRepository!
15  : ┆ ┆ ┆ ┆ git ls-remote --symref https://git@github.com/cloud-tek/poc-dagger-dotnet
15  : ┆ ┆ ┆ ┆ [0.4s] | remote: Invalid username or token. Password authentication is not supported for Git operations.
15  : ┆ ┆ ┆ ┆ [0.4s] | fatal: Authentication failed for 'https://github.com/cloud-tek/poc-dagger-dotnet/'
15  : ┆ ┆ ┆ ┆ git ls-remote --symref https://git@github.com/cloud-tek/poc-dagger-dotnet ERROR [0.4s]
15  : ┆ ┆ ┆ ┆ ! git error: git authentication failed
14  : ┆ ┆ ┆ ┆ git ERROR [0.5s]
14  : ┆ ┆ ┆ ┆ ! git error: git authentication failed
16  : ┆ ┆ ┆ ┆ git(url: "ssh://git@github.com/cloud-tek/poc-dagger-dotnet"): GitRepository!
16  : ┆ ┆ ┆ ┆ git ERROR [0.0s]
16  : ┆ ┆ ┆ ┆ ! git authentication failed: SSH URLs are not supported without an SSH socket
13  : ┆ ┆ ┆ git ERROR [0.5s]
13  : ┆ ┆ ┆ ! failed to determine Git URL protocol
12  : ┆ ┆ moduleSource ERROR [0.5s]
12  : ┆ ┆ ! failed to resolve git src: failed to resolve git src: select: failed to determine Git URL protocol
11  : ┆ finding module configuration ERROR [0.6s]
11  : ┆ ! failed to resolve git src: failed to resolve git src: select: failed to determine Git URL protocol
10  : load module: git@github.com/cloud-tek/poc-dagger-dotnet@refs/tags/v0.0.1 ERROR [0.6s]
10  : ! failed to get configured module: failed to resolve git src: failed to resolve git src: select: failed to determine Git URL protocol

glacial hawk Nov 21, 2025, 1:15 PM

#

using dagger to call a module from a private github repository

lilac marlin Nov 21, 2025, 2:27 PM

#

@glacial hawk this is the error: 16 : ┆ ┆ ┆ ┆ ! git authentication failed: SSH URLs are not supported without an SSH socket

since you're using the git@github protocol, you need to have a working ssh agent with the configured keys.

The different ways you can authenticate with private repositories is described here: https://docs.dagger.io/extending/remote-repositories

Remote Repositories | Dagger

Learn how to use remote repositories with Dagger, including authentication methods and best practices.

#

Let us know if you still have any questions 🙏

sleek monolith Nov 21, 2025, 2:45 PM

#

snippets may help - here's what I use for ssh agent + having go get also use the ssh key ATM:

      - name: 'Set up SSH Agent'
        uses: webfactory/ssh-agent@v0.9.0
        with:
          ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY }}

      - name: 'Set Git (and go get) to fetch via ssh'
        run: |
          git config --global url."git@github.com:".insteadOf https://github.com

...

      - name: 'Handle Event with Dagger'
        uses: dagger/dagger-for-github@main
        env:
          SSH_AUTH_SOCK: ${{ env.SSH_AUTH_SOCK }}
        with:
          module: ssh://git@github.com/redacted-org-name/dagger-monorepo/dagger-module-subdir-name@branch
          call: actions-entrypoint --test
          cloud-token: ${{ secrets.DAGGER_CLOUD_TOKEN }}

lilac marlin Nov 21, 2025, 3:40 PM

#

in the cae of GHA, there's a mention here: https://docs.dagger.io/getting-started/ci-integrations/github-actions/#ssh-configuration

I agree it can be improved

GitHub Actions | Dagger

Learn how to use Dagger with GitHub Actions.

glacial hawk Nov 21, 2025, 9:30 PM

#

thank you so much guys, I'll try this out asap

glacial hawk Nov 21, 2025, 9:31 PM

#

sleek monolith snippets may help - here's what I use for ssh agent + having `go get` also use t...

does this approach assume the usage of deployment keys in GH? or is this key something else?

#using dagger to call a module from a private github repository